This is an automated email from the ASF dual-hosted git repository.
adoroszlai pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ratis.git
The following commit(s) were added to refs/heads/master by this push:
new 92164c451 RATIS-2380. repeat-test.yaml is vulnerable to parameter
injection attacks (#1333)
92164c451 is described below
commit 92164c4519fec98b65f279351837f8f7afa3b048
Author: Doroszlai, Attila <[email protected]>
AuthorDate: Tue Jan 13 10:05:57 2026 +0100
RATIS-2380. repeat-test.yaml is vulnerable to parameter injection attacks
(#1333)
---
.github/workflows/repeat-test.yaml | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/repeat-test.yaml
b/.github/workflows/repeat-test.yaml
index de787d929..11b77b1d3 100644
--- a/.github/workflows/repeat-test.yaml
+++ b/.github/workflows/repeat-test.yaml
@@ -55,6 +55,7 @@ jobs:
outputs:
matrix: ${{ steps.generate.outputs.matrix }}
test-spec: ${{ steps.test-spec.outputs.test-spec }}
+ ref: ${{ steps.ref.outputs.ref }}
steps:
- id: generate
name: Generate test matrix
@@ -76,6 +77,12 @@ jobs:
fi
echo "Test to be run: $test_spec"
echo "test-spec=$test_spec" >> $GITHUB_OUTPUT
+ - name: Define checkout ref
+ id: ref
+ run: |
+ echo "ref=$REF" >> $GITHUB_OUTPUT
+ env:
+ REF: ${{ github.event.inputs.ref }}
test:
if: ${{ always() }}
needs:
@@ -90,7 +97,7 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
- ref: ${{ github.event.inputs.ref }}
+ ref: ${{ needs.prepare.outputs.ref }}
- name: Cache for maven dependencies
uses: actions/cache@v4
with:
